John, appreciate the copy of the article, very interesting read.
On Tue, Sep 17, 2013 at 10:10 AM, John Robinson <[email protected]>wrote: > David, > > Just in case you are having a hard time, as I tried to go back to the site > and I didn't get to the article, so here it is. > > John > > > > > ** > *Apple Secure Enclave*:* What is Apple’s new Secure Enclave and why is it > important?* > > > en·clave noun \ˈen-ˌklāv, ˈän-ˌklāv\ > : A group that is set off from a larger population by its characteristic > or behavior. > > *A Seven Year Apple Odyssey That Ended At The Enclave* > > With the September 10th, 2013 announcement [1] of the iPhone 5s and the > Touch ID fingerprint technology, Apple has moved the world quite a leap > forward with security and a magical way to gain instant access to our > iPhones. This was a rather long journey for Apple that I know will bear > fruit for the next 10 years. > > I have been tracking the notion that Apple would deploy fingerprint > scanners since 2008 [2] and was rather certain that I would one day see > Apple release what is now known as Touch ID. Over the years many very > educated and perhaps well known people in the tech world would discount the > entire range of logical premises Apple would base this product on. Some of > that view changed after the summer of 2012 when Apple acquired AuthenTec. > At that point some of the payment startups I was advising began to finally > take note. Some however hoped if they ignore me and perhaps Apple, this > would all just go away (this was actually said out loud by a founder no > less). > > Back in 2008 when I first saw the Apple patent that literally sent me back > into my chair and yelled out [2] as I saw the future in one image in that > patent application. However I began to wonder how would Apple secure such > an important piece of biometric data. Working in the payment card business > for over 30 years and in particular with the encryption requirements for > PIN numbers, I knew that there could be no software only solution for this > problem. Thus I always knew that there would be a need for a segregated > area to encase this data in hardware. Did not guess it would be poetically > called an Enclave. > > *The World Of The Secure Enclave* > > In the torrent of the billions of words already written about Touch ID > very, very few people have really understood just how revolutionary this > really is. Apple not only has developed one of the most accurate mass > produced biometric security devices, they have also solved critical > problems with how the data from this device will be encrypted, stored and > secured. Apple Calls this the Secure Enclave and it is a relatively new > concept. > > [image: main-qimg-4373a7fe7a684ff21151b37ff744e5f5.png] > *Illustration of the iPhone Secure Enclave.* > > *iPhone Gets Help From Extra ARMs* > > The iPhone 5s uses the ARMv8 based processor (known as A7 by Apple) > designed by ARM Limited[3] and Apple. The A7 uses a 64-bit processor > architecture as opposed to the 32-bit processor architecture of the older > iPhones. This is a rather large gain in raw processor horsepower but it > will not be fully useful for quite sometime as code recompiles will be > needed to allow apps to uses the performance gain. We will begin to see > some specialized apps that are 5s only at some future date as backward > compiles may not make sense. Apple is also using the M7, a companion core > to the A7 and will control accelerometer, gyroscope and compass and other > not so obvious things. > > *The A7 Was Built For High Security* > > The amazing thing about ARM and the way they build components is that they > are hyper responsive to the needs of the companies that will use their > products. ARM has been the choice for just about all smartphone for this > and quite a number of reasons. > > There are numerous reasons Apple moved to the A7 processor. One reason is > the hardware requirements of Touch ID. To economically create the Secure > Enclave, Apple needed a processor that is already aware of the concept of > encryption and security at a native level and has the dedicated hardware to > make a segregated and secure area with in the processor architecture. > > About three years ago ARM began to look into this very issue. and through > a number of partnerships created what is now known as TrustZone/SecurCore > [4]. TrustZone technology is tightly integrated into the A7 processor and > extends throughout the system via the AMBA AXI bus and specific TrustZone > System IP blocks. This system approach means that it is possible to secure > peripherals such as secure memory, crypto blocks, keyboard, screen and > sensors to ensure they can be protected from software attack. > > Back in April, 3rd 2012 I did take note that ARM was forming a partnership > with Gemalto and Giesecke & Devrientto [5] to create secure payment devices > but did not yet make the Apple fingerprint scanner connection I have had in > my mind since 2008: > > “The new venture will focus on improving security for smart connected > devices by developing a Trusted Execution Environment (TEE) based on the > established ARM® TrustZone® security technology. This common, secure > environment for software execution will utilize advanced hardware security > coupled with industry standard software interfaces, such as those from the > GlobalPlatform industry association. > > ... > > Devices with a TEE will provide consumers with more secure, user-friendly > experiences that simplify and speed up how they interact with their digital > world. This will enable them to use their smart, connected devices more > frequently to access an increasing range of applications and services in a > secure way. *This includes **mobile payment**, enterprise productivity > and mobile banking applications, as well as online commerce and premium > content services.*” > > This white paper written by ARM in 2008 really shows just how much the A7 > is being designed for mobile payments [6]: > > “6.2.2 Mobile Payment > > Many embedded devices are now storing a large amount of user data, > including sensitive information such as synchronised email, *mobile > banking details, and** mobile payment** credentials*. This user data can > be protected, requiring the entry of passcode before it can be used, > however once unlocked it is vulnerable to any weakness in the underlying > software environment. > > Migrating the data storage, data manipulation, and even the passcode > entry, into the Secure world makes sense for many applications that make > use of user data. While all of these use cases have subtly different > assets, they all share a similar security requirements. For the purposes of > this example, Gadget2008 will use mobile payment which has stricter > requirements than most of the other use cases.” > > *How Does The Secure Enclave Work?* > > It turns out this was the perfect convergence for the synergy needed to > allow Apple to move forward with TouchID. Apple has customized a highly > optimized version of TrustZone and created what is now known Secure > Enclave. Of course Apple will likely never release the details of what > they do in the custom hardware for number of reasons. Thus I will speak > directly of TrustZone and extrapolate to Secure Enclave. > > The security of the TrustZone system is achieved by partitioning all of > the hardware and software resources so that they exist in one of two worlds > - the Secure world for the security subsystem or the Normal world for > everything else. The TrustZone-enabled AMBA3 AXI bus fabric ensures that > Normal world components do not access Secure world resources, enabling > construction of a strong perimeter boundary between the two. > > [image: main-qimg-4c5ce54efb6ab6d8a4fe65caf431f78d.jpg] > *Hardware Architecture of TrustZone.* > > This design places the sensitive resources in the Secure world, and > implements robust software running on the secure processor cores, can > protect assets against many possible attacks, including those which are > normally difficult to secure. By separating security sensitive peripherals > through hardware this will limit the number of sub-systems that need to go > through security evaluation. The two virtual processors context switch via > a processor mode called monitor mode when changing the currently running > virtual processor. > > [image: main-qimg-f018fd069da32e65abdcde4d697e94dd.jpg] > *Software Architecture of TrustZone* > > *The A7 Is Optimized For Secure Mobile Payments* > > Thus we can really see just how deep the security runs in DNA of the A7 > processor. The deep level hardware based secure architecture is rather > rock solid. It would require a rather large magnitude of hardware hacking > to even attempt access to the data stored in the Secure Enclave. > > Now one could argue that this is all well and good for the device itself, > but what about the Internet? It turns out the data needed to activate > systems in the cloud will be best described as a token via the Internet. > This is exactly how Apple will active iTunes and App Store purchases. And > in the future some retail payment card transactions [7]. > > [image: main-qimg-40dcdcb32921d02f428a3ec0f60e7752.png] > *ARM Limited’s Webpage devoted to ARM product use cases in payments.* > > *Additional Security * > > To use Touch ID you will also have to create a passcode as a backup. Only > that passcode can unlock the phone if the phone is either rebooted (example > full battery drain) or hasn’t been unlocked for 48 hours. This is a genius > feature that is meant to set a time limit for criminals if try to find a > way to circumvent the fingerprint scanner. > > *Huge Developer Opportunity* > > Apple has wisely restricted very, very limited access to Touch ID and does > not have any APIs available for developers. In fact Apple has removed the > iCloud Keychain from the most recent developer build of iOS 7. I can only > publicly say this has a lot of reasons that will be very clear in the next > few months. The technology is now limited to just two use cases, device > unlock and iTunes and App Store purchases. Of course this was not the > limited intent of this technology and there will be full developer API > access at some point, perhaps not in some areas that Apple will limit as > they want to be the sole provider in those areas. > > There are dozens of applications and use cases on the roadmap and I am > certain a developer economy will build around this amazing technology. One > that is very clear is retail payments and Apple will have quite a number of > unique ways they will solve real problems for merchants and iPhone users. > I can say this aspect of Touch ID will be more magical then what we have > seen thus far. There will be connections to iBeacons and the amazing > technology Apple just acquired through Passif. > > *Touch ID Is Paradigm Changing* > > Apple has taken a very slow and methodical approach with the release of > Touch ID. We can see that there was a tremendous amount of amazing work > that has gone into this project. All of this convergence took over seven > years of very hard work. It includes many patent applications, the > acquisition of AuthenTec, the selection of the A7 processor and the > integration of the TrustZone suite all baked together into what we now know > as Touch ID. > > This has been a long journey that has only just been made public and I am > rather certain that Steve Jobs would be quite proud. > > > _______________________________________________ > MacGroup mailing list > [email protected] > http://www.math.louisville.edu/mailman/listinfo/macgroup > >
_______________________________________________ MacGroup mailing list [email protected] http://www.math.louisville.edu/mailman/listinfo/macgroup
